noUse of eval is strongly discouraged

Thanks for a great package!

On build I get noUse of eval is strongly discouraged, as it poses security risks and may cause issues with minification

vue3-charts/src/models/Scale.ts

Lines 96 to 103 in dc07846

    
               const yMin = eval(` 
        
                 let dataMin = ${dataMin || 0} 
        
                 ${domain[0]} 
        
               `) 
        
               const yMax = eval(` 
        
                 let dataMax = ${dataMax || 0} 
        
                 ${domain[1]}

Can't this be re-written without eval ?

Hi @wilberforce,

The idea of eval here is to allow the ability to write dynamic domain like:

['dataMin * 2', 'dataMax * 4 + 100']

I don't see how this can be done without eval but if you have any ideas they are welcome.

Thanks,
Alexandru

Hi, untested - however this will do it I think!

const [dataMin, dataMax] = extent(Array.from(new Set(values.concat([valueMin || 0, valueMax || 0]))))
  function yMin() { return `${domain[0]}` }
  function yMax () { return `${domain[1]}` }
  return [yMin(), yMax()]

Hi Alexandru (@ghalex),

how about allowing functions (DataExtent) => AxisRange directly instead of string for evaluation?

i.e. replacing this ['dataMin * 2', 'dataMax * 4 + 100']
with this ([dataMin, dataMax]) => [dataMin*2, dataMax*4 + 100]

if user supplies [constant, constant] instead of functions, it will work as before.

The complete working proposal is here is here:
psykora@880cbcf

It is a breaking change though.

Thanks, Peter.

	const yMin = eval(`
	let dataMin = ${dataMin \|\| 0}
	${domain[0]}
	`)

	const yMax = eval(`
	let dataMax = ${dataMax \|\| 0}
	${domain[1]}